My mail server overhaul -- exim

[invalid at pizzashack.org (Derek Martin)]

On Wed, May 18, 2005 at 09:37:21AM -0400, Rich Braun wrote:
> Seems that I opened some old wounds of religious arguments on whose MTA is
> better than whose...

The intent of my reply was NOT to get involved in religious wars,
which is why I wrote a disclaimer about not bashing exim at the end of
my message.  However in your post you made it sound like exim could do
lots of cool stuff that sendmail can't, and in most of the cases you
mentioned, that just ain't true.  My intent was mainly FUD busting,
not preaching.  

My experience has been that people often complain about Program A
because it doesn't do X, Y, and Z; when in fact it does all of the
above.  They proceed to extoll the virtues of Program B, but the only
real difference is that they took the time to look into how to do X,
Y, and Z with program B, whereas they didn't with Program A.

People complain about sendmail often, but I personally have found that
the documentation is quite good, and fairly extensive.  The only
problem is it is written more in reference form than in Howto form, so
finding what you want to do might take a little longer.  But there are
also FAQs which point you at most of the things you'll want to do...

www.sendmail.org is your friend, as is your favorite search engine.
I think there's not a lot of point in spending time explaining how to
do X Y and Z with sendmail, cuz the docs that are already there do a
better job than I would.  Just go look at them... ;-)

> Derek suggested:
> > Of course, if you're wrong, then you're potentially negatively
> > impacting the service of the sender ...These delays probably don't
> > impact spammers too significantly
> 
> The techniques that I used take advantage of the inherent desire for anonymity
> that spammers have.  Misconfigured mailers deserve to be delayed a bit.

Without going into details about what techniques you're using, I can't
say if my reasoning applies here, but in general I don't agree.
Again, lots of people run poorly configured mailers which aren't spam
engines.  I worked at a company who partnered with one such
organization...  If we'd made use of some of these features, we may
well have effectively DoS'd them...  Yeah, they should have used a
better mailer, but it wasn't up to me to make that call.  Spam sucks,
but that doesn't mean you should break the 'Net dealing with it.
[O.K., I guess I'm preaching a little. :)]

> He then suggested:
> > The conservative RBLs suck.
> 
> Perhaps we're using the word "conservative" in opposite sense.  

It seems so.  You can be conservative in what you accept, or
conservative in what you reject.  :)  Since you're talking about
blocking spam, I took it as conservative in what you accept...

> Question on this topic:  what configuration options (for the benefit
> of those who run sendmail and postfix) are needed to do an RBL check
> prior to the message DATA directive?  

First, a little more preaching: YOU SHOULD NOT DO THIS, if you are
concerned about losing legitimate mail.  No matter how conservative
your RBL is, they have probably mis-listed legitimate entities in the
past, and probably will do it again.  RBLs shouldn't be used as the
sole criteria for rejecting mail.  Better to set spamassassin up
(globally, pre-delivery) to do that, so it can use other criteria as
well.  As someone who has been the victim of RBLs on more than one
occasion in the past, though I have never sent out a single spam
message, I oppose their use in general, but especially and vehemently
oppose them as the sole means of filtering spam.

But to answer your question:

  http://www.google.com/search?hl=en&q=sendmail+rbl&btnG=Google+Search

The first hit looks like a good one.  

> Sometimes your commentary here is unnecessarily combative.  

That's probably true.  It's something I'm working on.  I guess it's
partly because of passion, partly due to being lazy (terse comments),
and partly because a large percentage of things that seem to offend
people don't seem offensive to me.  The latter is both blessing and
curse (I'm hard to offend, but more likely to offend others without
intent).  I also come from a family with a tendency to voice their
opinions loudly...

> That is not what I said.  I said:  "I just had to assume that an
> occasional important message would get dev-nulled".  

OK, but honestly I don't see the difference.  I never loose important
mail that way.  And I never filter mail to /dev/null, so I'm certain
that it's not a case of missing mail, and just not knowing about it.

For me, the most effective method of dealing with the problem has been
to maintain a number of e-mail adresses, and be very selective about
who gets what e-mail address.  Until I started maintaining my own
open-ssource project, this method was EXTREMELY effective, and I got
about 10 spams per WEEK.  Since then, I have a very public e-mail
address (code at pizzashack.org) which gets lots of spam -- but
mail to that address which I care about comes from only a few sources,
or has easy to identify (and filter on) key words or phrases in the
subject lines.  Anything that isn't a match goes into my spam folder,
and I don't consider it important specifically because it doesn't
match well defined (and posted, for that matter) critera.

Likewise, I have a "personal" address that I only give out to friends
and family members.  If I give you that address, I add you to a white
list, and mail goes into my inbox.  If you're not on the list, it goes
into my spam folder.  (This used to be unnecessary, but certain
people spammed my e-mail address on mailing lists (most notably on
mutt-users and mutt-dev), which immediately resulted in a noticable
increase in spam received to that address).

I don't use spam assassin, or any similar filtering mechanism.  I do
all of my filtering solely with very basic procmail recipies.

Even with the increased level of spam I receive, I still get only
about 20 spams a day.  Using this method requires that you give up any
old e-mail addresses which are receiving tons of spam, and it requires
a bit of work to set up initially.  After that though, all it requires
on your part is vigilant care taken in who gets what e-mail address.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20050518/64298a9d/attachment.sig>